<?php
//http://kpit.vip/password1.php?uname=huodeming&toke=4fad00f348cca4362f8cd8b24ff38309&key=1598505175

require_once('config.inc.php');//$pdo; $uid; ROOT

//测试数据
//$_GET = ['uname'=>'huodeming','toke'=>'4fad00f348cca4362f8cd8b24ff38309','key'=>'1598505175'];

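// Gatekeeper for the password-reset page: every check below must pass before
// the reset form further down in this file is rendered.
//
// Reject the request unless all three link parameters are present, non-empty
// and plain strings. PHP turns `?uname[]=x` into an array, which would
// otherwise reach the (int) cast and the prepared statement.
if(empty($_GET['uname']) || empty($_GET['toke']) || empty($_GET['key'])
	|| !is_string($_GET['uname']) || !is_string($_GET['toke']) || !is_string($_GET['key'])){
	die('<h1>非法操作!<a href="index.php">返回首页</a></h1>');
}

// These three names are read again by the HTML template below.
$time = (int)$_GET['key'];
$toke = $_GET['toke'];
$uname = $_GET['uname'];

// The link is valid only for 24 hours counted from the timestamp in `key`;
// a timestamp in the future or older than 24 hours is refused.
// (The original compared time() with itself, so future timestamps were never rejected.)
if($time > time() || $time < time()-60*60*24){
	die('<h1>此链接不在有效期内!必须是邮发送邮件时起算,并且在24小时内才有效!<a href="index.php">返回首页</a></h1>');
}

// NOTE(review): the expected token is md5(email) as computed by this query.
// It is neither random nor tied to `key`, so the expiry check above is only as
// trustworthy as the timestamp the caller sends. A random, single-use token
// stored server-side with its own expiry would close this; that needs a change
// in the code that sends the mail, which is not part of this file.
$sql = "SELECT uname,email,md5(email) md5email FROM kp_usr WHERE uname=?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$uname]);
$res = $stmt->fetchAll(PDO::FETCH_ASSOC);
if(count($res) === 1){
	// Exact, constant-time comparison. The loose `!=` used before compares two
	// numeric-looking strings as numbers, so distinct strings could match.
	// md5email is NULL when the stored email is NULL; treat that as a mismatch.
	if(!is_string($res[0]['md5email']) || !hash_equals($res[0]['md5email'], $toke)){
		die('<h1>非法操作:此用户生成的toke值不正确!!!</h1>');
	}
}else{
	// NOTE(review): this message differs from the token-mismatch one, so the
	// response reveals whether a user name exists; consider a single message.
	die('<h1>非法操作:不存在你要改密码的用户名!!!</h1>');
}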
//echo '请输入新密码!!!';




?>
<!DOCTYPE html>
<html lang="zh">
<head>
	<meta charset="UTF-8" />
	<meta name="viewport" content="width=device-width, initial-scale=1.0" />
	<meta http-equiv="X-UA-Compatible" content="ie=edge" />
	<script src="js/jquery-3.5.1.min.js" type="text/javascript" charset="utf-8"></script>
	<link rel="stylesheet" type="text/css" href="css/bootstrap.min.css"/>
	<title>重设密码</title>
</head>
<body>
	<div class="panel panel-default">
		<div class="panel-heading">重设密码 <a href="index.php"> 返回主页</a></div>
		<div class="panel-body">
			<div class="container">
				<form id="resetpwd" class="form-horizontal" action="#" method="post">
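					<div class="form-group">
						<label class="col-sm-2 control-label">邮箱地址:</label>
		        		<div class="col-sm-10">
		           			<input type="text" name="email" class="form-control" value="<?php /* Value stored in kp_usr: escape it for the quoted attribute so it cannot close the attribute or inject markup. */ echo htmlspecialchars((string)$res[0]['email'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" readonly="readonly">
		        		</div>
					</div>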
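					<div class="form-group">
						<label class="col-sm-2 control-label">toke:</label>
		        		<div class="col-sm-10">
		           			<input type="text" name="toke" class="form-control" value="<?php /* $toke comes from the query string: escape it here rather than rely on the earlier comparison having constrained its characters. */ echo htmlspecialchars((string)$toke, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" readonly="readonly">
		        		</div>
					</div>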
					<div class="form-group">
						<label class="col-sm-2 control-label">key:</label>
		        		<div class="col-sm-10">
		           			<input type="text" name="key" class="form-control" value="<?php /* $time was cast to int from $_GET['key'] earlier in this file, so it prints as digits only and needs no escaping. */ echo $time; ?>"  readonly="readonly">
		        		</div>
					</div>
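					<div class="form-group">
						<label class="col-sm-2 control-label">用户名:</label>
		        		<div class="col-sm-10">
		           			<input type="text" name="username" class="form-control" value="<?php /* Value stored in kp_usr: escape it for the quoted attribute so it cannot close the attribute or inject markup. */ echo htmlspecialchars((string)$res[0]['uname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" readonly="readonly">
		        		</div>
					</div>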
					<div class="form-group">
						<label class="col-sm-2 control-label">新密码:</label>
		        		<div class="col-sm-10">
		           			<input type="password" name="password" class="form-control" value="" placeholder="请输入新密码">
		        		</div>
					</div>
					<div class="form-group">
						<label class="col-sm-2 control-label">确认新密码:</label>
		        		<div class="col-sm-10">
		           			<input type="password" name="password1" class="form-control" value="" placeholder="请再次输入新密码">
		        		</div>
					</div>
					<div class="form-group">
						<label class="control-label col-sm-2" for="code">验证码:</label>
						<div class="col-sm-10">
							<div class="input-group">
								<input class="form-control" type="text" name="code" id="code" value="" />
								<div class="input-group-btn">
									<button id="btn-gdcode" type="button" class="btn btn-default" style="padding: 1px;"><img id="gdcode" src=""/></button>
								</div>
							</div>
							
						</div>
						<!--<div class="col-sm-3"><img src="img/gdcode.png" style="width: 100px; height: 30px;" alt="" /></div>-->
					</div>
					
					<div class="form-group">
						<button id="bt-topwd" class="form-control btn btn-success">重设密码</button>
					</div>
				</form>
			</div>
		</div>
	</div>
</body>
<script type="text/javascript">
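	// On DOM ready: load the captcha image and wire up the AJAX password reset.
	$(function(){
		// Load a captcha image on page open and again on every click of the
		// captcha button. Math.random() only defeats the browser cache here.
		function refreshCaptcha(){
			$('#gdcode').attr('src','gdcode.php?'+ Math.random());
		}
		refreshCaptcha();
		$('#btn-gdcode').on('click', refreshCaptcha);

		// Put the submit button back into its idle state after a response.
		function restoreButton(button){
			button.innerHTML = '重设密码';
			$(button).removeAttr('disabled');
		}

		// Reset-password button: post the form to ajax_reset_pwd.php.
		// NOTE(review): the readonly fields (email, toke, key, username) are still
		// client-controlled, and nothing here compares password with password1;
		// ajax_reset_pwd.php (not shown) has to repeat those checks itself.
		$('#bt-topwd').on('click',function(eve){
			// The button has no type attribute and sits inside the form, so it is
			// a submit button. Cancel the native submit explicitly; otherwise
			// whether the page also posts to itself depends on how the browser
			// treats a button that is disabled during its own click event.
			eve.preventDefault();

			var button = eve.target;
			var formData = new FormData($("#resetpwd")[0]);
			button.innerHTML = '<img src="img/ajax-loader.gif" />重设密码中';
			$(button).attr('disabled','disabled');

			$.ajax({
				type: 'post',
				url: 'ajax_reset_pwd.php',
				data: formData,
				dataType: 'json',
				contentType: false, // required when sending FormData
				processData: false, // required when sending FormData
				success: function (result) {
					console.log(result);
					// Loose comparison kept on purpose: it accepts both 1 and "1".
					if (result.success == "1") {
						alert("重设密码成功,请牢记用户名或邮箱及密码!");
						console.log(result.data);
						location.href = 'index.php';
					} else {
						alert("重设密码失败，详情："+result.msg);
						console.log('重设密码失败:'+result.msg);
					}
					restoreButton(button);
				},
				error: function (err) {
					alert("提交表单出错,详细：表单提失败了！");
					restoreButton(button);
					console.log(err);
				}
			});
		});
	});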
</script>
</html>